[WEB4LIB] SunOS/BoxPoison virus

Julie James JJames at lva.lib.va.us
Sat May 19 21:20:25 EDT 2001


It's a worm 
http://vil.nai.com/vil/dispVirus.asp?virus_k=99085
"
Method Of Infection  
Infected machines scan random IP addresses looking for other systems to
infect. When one is found, a buffer overflow exploit is used to compromise
that computer which then propagates the virus as well.
"
~~~
Julie James
Technology Consultant
The Library of Virginia
804/692-0800
jjames at lva.lib.va.us  

-----Original Message-----
From: Mary Pugh
To: Multiple recipients of list
Sent: 5/19/01 2:54 PM
Subject: [WEB4LIB] SunOS/BoxPoison virus

Bad News Bears! We were hit with the SunOS/BoxPoison vius on our Dynix 
WebPac server. Our virus scanner caught it before any real damage. I
have 
checked the McAfee and the CERT advisory and I still don't understand
how 
this virus is spread. I did not pay great attention to the bulletin I 
received because we use NT and not Sun. It appears we needed a patch for

our IIS and that is now fixed. But how does this thing work, where did
it 
spread from?


Mary Pugh                               Orcas Island Library District
Network Administrator                   500 Rose Street
360.376.4985                            Eastsound, WA 98245
360.376.5750 fax                        www.orcaslibrary.org


More information about the Web4lib mailing list